Project

General

Profile

Actions

Bug #21907

open

Ignore reported batik-css CVE

Added by Alexis Mousset about 2 months ago. Updated about 2 months ago.

Status:
Pending release
Priority:
N/A
Category:
Security
Target version:
Severity:
UX impact:
User visibility:
Effort required:
Priority:
0
Regression:
No

Description

https://nvd.nist.gov/vuln/detail/CVE-2022-40146 is a false positive as antisamy only uses batik-css which does not depend on the affected package https://security.snyk.io/vuln/maven/?search=batik.


Subtasks 1 (1 open0 closed)

Bug #21908: Ignore reported batik-util CVEPending releaseVincent MEMBRÉActions
Actions #1

Updated by Alexis Mousset about 2 months ago

  • Status changed from New to In progress
  • Assignee set to Alexis Mousset
Actions #2

Updated by Alexis Mousset about 2 months ago

  • Status changed from In progress to Pending technical review
  • Assignee changed from Alexis Mousset to François ARMAND
  • Pull Request set to https://github.com/Normation/rudder-plugins/pull/505
Actions #3

Updated by Alexis Mousset about 2 months ago

  • Status changed from Pending technical review to Pending release
Actions #4

Updated by Alexis Mousset about 2 months ago

  • Subtask #21908 added
Actions

Also available in: Atom PDF